use wsgi.url_scheme instead of HTTPS

2013-03-25 15:37:09 -04:00 · 2013-03-25 15:37:09 -04:00 · 073c65000c
commit 073c65000c
parent ef174d0212
2 changed files with 9 additions and 2 deletions
--- a/koji/auth.py
+++ b/koji/auth.py
@ -372,8 +372,8 @@ class Session(object):
        if self.logged_in:
            raise koji.AuthError, "Already logged in"

-        if context.environ.get('HTTPS') not in ['on', '1']:
-            raise koji.AuthError, 'cannot call sslLogin() via a non-https connection'
+        if context.environ['wsgi.url_scheme'] != 'https':
+            raise koji.AuthError, 'cannot call sslLogin() via a non-https connection: %s' % context.environ['wsgi.url_scheme']

        if context.environ.get('SSL_CLIENT_VERIFY') != 'SUCCESS':
            raise koji.AuthError, 'could not verify client: %s' % context.environ.get('SSL_CLIENT_VERIFY')
--- a/koji/server.py
+++ b/koji/server.py
@ -67,6 +67,7 @@ class WSGIWrapper(object):
            #TODO - file_wrapper support
        }
        environ = LazyDict(environ)
+        environ.lazyset('wsgi.url_scheme', self.get_scheme, [])
        environ.lazyset('modpy.env', self.env, [])
        environ.lazyset('modpy.opts', req.get_options, [])
        environ.lazyset('modpy.conf', req.get_config, [])
@ -107,6 +108,12 @@ class WSGIWrapper(object):
            uri = uri.rstrip('/')
        return uri

+    def get_scheme(self):
+        if self.envget('HTTPS') in ('yes', 'on', '1'):
+            return 'https'
+        else:
+            return 'http'
+
    def no_write(self, string):
        """a fake write() callable returned by start_response